On Wed, Apr 20, 2016 at 11:52:58PM -0700, John Johansen wrote:
> This prevents a bug where a hat could be used to set onexec and then
> return to parent with it set.
>
> If in a hat when onexec is set then return to parent will be prevented.

This looks like a potentially surprising change. If an exec() fails, a program may reasonably try to aa_changehat() back to the parent afterward, and continue, no? This change will kill the process if it tries.

> Signed-off-by: John Johansen <[email protected]>

The code change itself looks good, so:

Acked-by: Seth Arnold <[email protected]>

Thanks

> ---
> security/apparmor/context.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/apparmor/context.c b/security/apparmor/context.c
> index 3064c6c..a3d836e 100644
> --- a/security/apparmor/context.c
> +++ b/security/apparmor/context.c
> @@ -138,7 +138,7 @@ int aa_set_current_onexec(struct aa_profile *profile)
>
> cxt = cred_cxt(new);
> aa_get_profile(profile);
> - aa_put_profile(cxt->onexec);
> + aa_clear_task_cxt_trans(cxt);
> cxt->onexec = profile;
>
> commit_creds(new);
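Review bot: The removed `aa_put_profile(cxt->onexec);` was the only visible release of the old onexec reference, and nothing in the hunk shows that `aa_clear_task_cxt_trans(cxt)` drops it as well, so please confirm the helper puts `cxt->onexec` before `cxt->onexec = profile;` overwrites it, otherwise the previous onexec profile leaks one reference per call. Since the call site now also discards the hat's saved return state (which is the whole point of the fix), a short comment above the `+` line explaining why setting onexec from within a hat intentionally forfeits the return-to-parent path would save the next reader from reading it as an unrelated cleanup, and the commit message should spell out the failed-exec case raised above, where a program that tries to change_hat back afterward will now be killed.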
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
